Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Example NGINX configuration using auth_request and auth_request_set directives to route users
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log info;
pid /var/run/nginx.pid;
events { worker_connections 1024; }
http {
default_type text/html;
log_format main '$remote_addr -> $request $status $body_bytes_sent bytes -> $upstream_addr';
access_log /var/log/nginx/access.log main;
map $dynamic $upstream {
pilot pilot;
normal normal;
default default;
}
upstream pilot {
zone pilot 64k;
server 127.0.0.1:4001;
}
upstream normal {
zone normal 64k;
server 127.0.0.1:5001;
}
upstream default {
zone default 64k;
server 127.0.0.1:6001;
}
upstream auth {
zone auth 64k;
server 127.0.0.1:3001;
}
server {
status_zone auth-backend;
listen 3001;
location / {
#return 403;
return 200 "User is authorized.\n";
#add_header X-Route "normal" always;
}
}
server {
status_zone pilot-backend;
listen 4001;
location / {
return 200 "This request has been accessed by a Pilot User. - X-Route: $http_x_route \n";
}
}
server {
status_zone normal-backend;
listen 5001;
location / {
return 200 "This request has been accessed by a Normal User. - X-Route: $http_x_route \n";
}
}
server {
status_zone default;
listen 6001;
location / {
return 200 "This request has no X-Route header specified on the backend. - X-Route: $http_x_route \n";
}
}
server {
status_zone nginx-frontend;
listen 80;
location / {
auth_request /auth;
auth_request_set $dynamic $upstream_http_x_route;
proxy_set_header X-Route $dynamic;
proxy_pass http://$upstream;
}
location /auth {
proxy_pass http://auth;
proxy_pass_request_body off;
proxy_set_header Content-Length "";
proxy_set_header X-Original-URI $request_uri;
}
}
server {
listen 8080;
status_zone status-page;
root /usr/share/nginx/html;
location = /status.html { }
location = /status-old.html { }
location = / {
return 301 /status.html;
}
location /status {
status;
status_format json;
access_log off;
}
location /upstream_conf {
upstream_conf;
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.